https -restrict index page to work on https.

Fix it!!

https -restrict index page to work on https.

Postby priti » Tue Sep 02, 2008 5:43 am

Hello Members,

I am in strange problem

i have

http://dev.abc.com/auto must be made to work without redirecting to https://dev.abc.com/auto

with a caluse that the rest of the whole-module should work on https ?????

i.e

https://dev.abc.com/auto/page1.php
https://dev.abc.com/auto/page2.php
.....
https://dev.abc.com/auto/pagen.php ...........should work on https

BUT NOT http://dev.abc.com/auto the very first page !!!!

right now i kept full directory under HTTPS i have no clue how to do this ?

Can someone guide me how to achive this as this is relatively necessary for our site.

I want some rewrite rule in htaccess to overcome this problem.Any pointer in this direction would be very helpful;

Thanks.
priti
 
Posts: 3
Joined: Tue Sep 02, 2008 5:40 am

Postby richardk » Tue Sep 02, 2008 11:36 am

How are you currently forcing HTTPS?
If you remove whatever is forcing HTTPS, can you use both HTTP and HTTPS?
richardk
 
Posts: 8800
Joined: Wed Dec 21, 2005 7:50 am

Postby priti » Tue Sep 02, 2008 8:25 pm

richardk wrote:How are you currently forcing HTTPS?
If you remove whatever is forcing HTTPS, can you use both HTTP and HTTPS?


in htaccess we have written the rewrite rule

that allow directory 'auto' to run on https but how can i filter that except landing page of this module rest other pages should force/redirect if accessed thru http to https.

i need a way to differentiate this completely !!!
priti
 
Posts: 3
Joined: Tue Sep 02, 2008 5:40 am

Postby priti » Wed Sep 03, 2008 6:08 am

priti wrote:
richardk wrote:How are you currently forcing HTTPS?
If you remove whatever is forcing HTTPS, can you use both HTTP and HTTPS?


in htaccess we have written the rewrite rule

that allow directory 'auto' to run on https but how can i filter that except landing page of this module rest other pages should force/redirect if accessed thru http to https.

i need a way to differentiate this completely !!!


For more info

RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{REQUEST_FILENAME} !(home)

it allows https:// access to my directory home

but /home/ or /home/index.php i want to work on ONLY http:// not https:// but current setting auto redirect to https.

to do this i end of the script i wrote

RewriteCond %{REQUEST_URI} ^/?(home)$
RewriteRule .* http://%{SERVER_NAME}%{REQUEST_URI} [L]

but still it redirect to its https version.

Please guide me how to resolve this prblem.

Thanks.
priti
 
Posts: 3
Joined: Tue Sep 02, 2008 5:40 am

Postby richardk » Thu Sep 04, 2008 5:40 am

Post your whole mod_rewrite.

Try
Code: Select all
Options +FollowSymLinks

RewriteEngine On

# Force HTTPS for /auto/something
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^auto/.+$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

# Remove HTTPS from everything else.
RewriteCond %{SERVER_PORT} ^443$
RewriteRule !^auto/.+$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
richardk
 
Posts: 8800
Joined: Wed Dec 21, 2005 7:50 am


Return to Security with Mod_Rewrite

Who is online

Users browsing this forum: Google [Bot] and 2 guests

cron